綜合實驗，策略路由（BFD,NAT）

让我读个条發表於2024-03-28

路由

涉及：
VLAN

VLANIF

access

trunk

DHCP

RIP

OSPF

ACL

NAT

BFD

策略路由

ip route-static [preference]

LoopBack

綜合實驗，策略路由（BFD,NAT）

<Huawei>system-view

[Huawei]sysname acsw

[acsw]undo info-center enable

[acsw]vlan batch 10 20

[acsw]int g0/0/24 

[acsw-GigabitEthernet0/0/24]port link-type access

[acsw-GigabitEthernet0/0/24]port default vlan 10                              

[acsw]int g0/0/23

[acsw-GigabitEthernet0/0/23]port link-type access 

[acsw-GigabitEthernet0/0/23]]port default vlan 20  

[acsw]int g0/0/1                                        

[acsw-GigabitEthernet0/0/1]port link-type trunk              

[acsw-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20

<Huawei>

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname coresw

[coresw]undo info-center enable

Info: Information center is disabled.

[coresw]vlan batch 10 20 30

[coresw]int g0/0/2

[coresw-GigabitEthernet0/0/2]port link-type trunk

[coresw-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 20

[coresw-GigabitEthernet0/0/2]q  

[coresw]interface vlanif 10

[coresw-Vlanif10]ip add 192.168.10.254 24

[coresw-Vlanif10]interface vlanif 20

[coresw-Vlanif20]ip add 192.168.20.254 24

[coresw-Vlanif20]q

[coresw]dhcp enable

[coresw]ip pool dhcpvlan10

[coresw-ip-pool-dhcpvlan10]network 192.168.10.0 mask 255.255.255.0

[coresw-ip-pool-dhcpvlan10]gateway-list 192.168.10.254

[coresw-ip-pool-dhcpvlan10]dns-list 223.5.5.5

[coresw-ip-pool-dhcpvlan10]excluded-ip-address 192.168.10.101 192.168.10.253

[coresw-ip-pool-dhcpvlan10]lease day 3

[coresw-ip-pool-dhcpvlan10]q

[coresw]ip pool dhcpvlan20

[coresw-ip-pool-dhcpvlan20]network 192.168.20.0 mask 24

[coresw-ip-pool-dhcpvlan20]gateway-list 192.168.20.254

[coresw-ip-pool-dhcpvlan20]dns-list 223.5.5.5

[coresw-ip-pool-dhcpvlan20]excluded-ip-address 192.168.20.101 192.168.20.253

[coresw-ip-pool-dhcpvlan20]lease day 3

[coresw-ip-pool-dhcpvlan20]q           

[coresw]interface vlanif 10

[coresw-Vlanif10]dhcp select global

[coresw-Vlanif10]interface vlanif20

[coresw-Vlanif20]dhcp select global

[coresw-Vlanif20]

rip version 2演示：

<coresw>system-view 

[coresw]interface gigabitethernet 0/0/1

[coresw-GigabitEthernet0/0/1]port link-type access

[coresw-GigabitEthernet0/0/1]port default vlan 30     

[coresw-GigabitEthernet0/0/1]interface vlan30

[coresw-Vlanif30]ip address 192.168.30.254 24

[coresw-Vlanif30]q

[coresw]rip 

[coresw-rip-1]version 2

[coresw-rip-1]network 192.168.10.0   

[coresw-rip-1]network 192.168.20.0

[coresw-rip-1]network 192.168.30.0

[coresw-rip-1]

<Huawei>system-view 

[Huawei]sysname router

[router]undo info-center enable

[router]interface gigabitethernet 0/0/0

[router-GigabitEthernet0/0/0]ip address 192.168.30.1 24

[router-GigabitEthernet0/0/0]q

[router]rip 

[router-rip-1]version 2

[router-rip-1]network 192.168.30.0              

[router-rip-1]q

[router]display ip routing-table

Route Flags: R - relay, D - download to fib
-----------------------------------------------------------------------

Routing Tables: Public

         Destinations : 9        Routes : 9        

 

Destination/Mask    Proto   Pre  Cost      Flags NextHop      Interface

 

      127.0.0.0/8   Direct  0    0           D   127.0.0.1  InLoopBack0

      127.0.0.1/32  Direct  0    0           D   127.0.0.1  InLoopBack0

127.255.255.255/32  Direct  0    0           D   127.0.0.1  InLoopBack0

   192.168.10.0/24  RIP     100  1           D   192.168.30.254 GigabitEthernet0/0/0

   192.168.20.0/24  RIP     100  1           D   192.168.30.254  GigabitEthernet0/0/0

   192.168.30.0/24  Direct  0    0           D   192.168.30.1    GigabitEthernet0/0/0

   192.168.30.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

 192.168.30.255/32  Direct  0    0           D   127.0.0.1 GigabitEthernet0/0/0

255.255.255.255/32  Direct  0    0           D   127.0.0.1  InLoopBack0

[router]undo rip 1

##################################

以下使用OSPF

##################################

[router]ospf 

[router-ospf-1]area 0

[router-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255

[router-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255

[router-ospf-1-area-0.0.0.0]network 192.168.30.0 0.0.0.255

[router-ospf-1-area-0.0.0.0]display ip routing-table

##################################

[coresw]ospf

[coresw-ospf-1]area 0

[coresw-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255

[coresw-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255

[coresw-ospf-1-area-0.0.0.0]network 192.168.30.0 0.0.0.255

[coresw-ospf-1-area-0.0.0.0]q

[coresw-ospf-1]q

配置出口路由器的出介面
##################################
[router]interface gigabitethernet 0/0/1

[router-GigabitEthernet0/0/1]ip address 12.1.1.3 24

[router-GigabitEthernet0/0/1]int g0/0/2

[router-GigabitEthernet0/0/2]ip address 23.1.1.3 24

[router-GigabitEthernet0/0/2]q

模擬聯通路由
##################################

<Huawei>sys

<Huawei>system-view 

[Huawei]sysname liantong

[liantong]int g0/0/0

[liantong-GigabitEthernet0/0/0]ip address 12.1.1.1 24

[liantong-GigabitEthernet0/0/0]q

[liantong]undo info-center enabl

[liantong]int g0/0/1

[liantong-GigabitEthernet0/0/1]ip address 10.1.1.1 24

[liantong-GigabitEthernet0/0/1]q    

[liantong]interface LoopBack 1

[liantong-LoopBack1]ip address 2.2.2.2 24

[liantong-LoopBack1]q

[liantong]rip 

[liantong-rip-1]version 2

[liantong-rip-1]network 12.0.0.0

[liantong-rip-1]network 2.0.0.0

[liantong-rip-1]network 10.0.0.0

[liantong-rip-1]q

模擬電信路由
##################################

<Huawei>sys

<Huawei>system-view 

[Huawei]sysname dianxin

[dianxin]int g0/0/0

[dianxin-GigabitEthernet0/0/0]ip address 23.1.1.2 24

[dianxin-GigabitEthernet0/0/0]q

[dianxin]int g0/0/1

[dianxin-GigabitEthernet0/0/1]ip add 10.1.1.2 24

[dianxin-GigabitEthernet0/0/1]q

[dianxin]interface LoopBack 1

[dianxin-LoopBack1]ip address 3.3.3.3 24

[dianxin-LoopBack1]q

[dianxin]rip 

[dianxin-rip-1]version 2

[dianxin-rip-1]network 23.0.0.0

[dianxin-rip-1]network 10.0.0.0

[dianxin-rip-1]network 3.0.0.0

[dianxin-rip-1]q

（主備切換）配置出口靜態路由，nat對映，bfd通道檢測
<router>system-view 

[router]acl 2000

[router-acl-basic-2000]rule 10 permit source 192.168.10.0 0.0.0.255

[router-acl-basic-2000]rule 20 permit source 192.168.20.0 0.0.0.255

[router-acl-basic-2000]int g0/0/1

[router-GigabitEthernet0/0/1]nat outbound 2000

[router-GigabitEthernet0/0/1]q

[router]bfd

[router]bfd liantongbfd bind peer-ip 12.1.1.1 source-ip 12.1.1.3 auto

[router-bfd-session-liantongbfd]commit

[router-bfd-session-liantongbfd]q

[router]ip route-static 0.0.0.0 0 12.1.1.1 track bfd-session liantongbfd 

[router]int g0/0/2

[router-GigabitEthernet0/0/2]nat outbound 2000

[router-GigabitEthernet0/0/2]q

[router]ip route-static 0.0.0.0 0 23.1.1.2 preference 80

#############################################

<liantong>sys

<liantong>system-view 

[liantong]bfd

[liantong-bfd]bfd liantong bind peer-ip 12.1.1.3 source-ip 12.1.1.1 auto

[liantong-bfd-session-liantong]commit

[liantong-bfd-session-liantong]q

####################################

[coresw]ip route-static 0.0.0.0 0 192.168.30.1

策略路由
將指定網段的流量從出口路由指定的出口出去

step1：配置ACL，匹配流量

acl number 2010

rule 10 permit source 192.168.10.0 0.0.0.255

acl number 2020

rule 10 permit source 192.168.20.0 0.0.0.255

 

step2：流分類

traffic classifier jiaoxue

if-match acl 2010

traffic classifier sushe

if-match acl 2020

 

step3：流行為

traffic behavior re-dianxin

redirect ip-nexthop 12.1.1.1  # 重定向到下一跳目標ip地址

traffic behavior re-liantong

redirect ip-nexthop 23.1.1.2  # 重定向到下一跳目標ip地址

 

step4：流策略

traffic policy p

classifier jiaoxue behavior re-dianxin

classifier sushe behavior re-liantong

 

step5：出口路由器的入介面應用策略路由

interface gigabitethernet 0/0/1

ip address 192.168.30.1 255.255.255.0

traffic-policy p inbound

華為動態NAT小實驗演示
2017-11-27
淺析路由策略與策略路由
2006-09-11
路由
路由策略
2024-04-06
路由
路由策略和策略路由配置與管理-1
2017-02-24
路由
資料結構實驗三：線性表綜合實驗
2018-05-01
資料結構
在CISCO路由器上配置NAT功能
2016-08-10
路由器
Vlan間路由實驗（單臂路由實現法）薦
2006-12-09
路由
【rman備份策略】實驗
2022-08-25
配置rip動態路由實驗
2020-12-19
路由
2020-10-26 實驗五：NAT工作原理分析與驗證
2020-10-26
01、路由策略簡介
2024-03-25
路由
13、BGP與BFD聯動
2024-04-15
實驗二——————路由器口令配置
2018-05-25
路由器
提高API效能的幾個綜合策略
2024-02-08
API
010.OpenShift綜合實驗及應用
2020-06-23
RCNA綜合實驗（Vlan+RIP+ACL+鏈路聚合）
2017-11-12
通過流策略實現策略路由（重定向到不同的下一跳）
2020-12-22
路由
BFD雙向轉發檢測
2024-03-28
Linux 策略路由詳解
2022-10-10
Linux路由
實驗十二————VLAN路由及STP協議
2018-05-29
路由協議
實驗十五————動態路由協議RIP
2018-05-29
路由協議
實驗十六——————動態路由OSPF基礎
2018-05-29
路由
SCAU 高程綜合實驗：檔案操作與字元處理
2020-12-26
字元
網路綜合佈線實驗室--完美解決方案
2007-09-07
華為路由器qos car+nat+dhcp+vlan配置心得薦
2007-03-20
路由器
用iptables實現NAT(轉)
2007-08-10
HCNP Routing&Switching之BFD
2022-07-17
Kali路由策略探測工具————firewalk
2018-06-07
路由
oracle實驗記錄（恢復-rman保留策略）
2009-09-17
Oracle
如何用iptables實現NAT(zt)
2006-07-06
Angular 使用 RouteReuseStrategy (路由複用策略) 實現後臺 TAB 標籤
2019-12-18
Angular路由
某學校雲電腦專案策略路由實際使用案例
2022-02-22
路由
實驗十四——————IP地址劃分和靜態路由
2018-05-29
路由
oracle實驗記錄（精細策略dbms_rls）
2009-07-28
Oracle
用兩種方式實現基於源地址的策略路由(轉)
2007-08-11
路由
Laravel 驗證類實現路由場景驗證和控制器場景驗證
2019-12-28
Laravel路由
觀察者+配置中心動態策略路由Demo
2021-12-03
路由
綜合漏洞發現工具蜻蜓使用體驗
2022-05-25

綜合實驗，策略路由（BFD,NAT）

相關文章